Locking down services on XP client workstations

One of the easiest ways for crackers to exploit holes in your system is through open services. And lately, viruses have been masquerading as services listed in the Task Manager, making them harder to detect, clean and prevent. When you audit and close unused services, in addition to security benefits, you receive performance enhancement because stagnant programs aren't taking up available resources. Besides, a full security audit of your service can reveal some interesting details about your machine.

Windows XP comes with only two services that require open access to an external interface for normal operation: Terminal Services, or Remote Desktop Connection, and the Remote Access Service for answering dial-in calls.

Follow these instructions to manage services on your computer:

The following services ship with Windows XP. The list is not complete, but it includes the recommended state that each service shown should be in on your computer, assuming normal office functions are performed on the machine. On this list you'll see the name of the service, followed by a short description and my recommendation regarding the state of the service.

As you can see from the list, you don't need very much to keep your Windows XP installation functioning, at least in a nondomain environment. Most of the enabled services just pose an un

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Windows XP security issues, updates and alerts How Windows 7 stands up to security tests The state of enterprise security and emerging threats in 2009 A first look at Windows 7 security enhancements How to strike a balance between Windows security and business needs How to recognize and repair Blue Screen of Death stop error messages Ten ways to sell security to management Improve Windows security with our top 10 tips Strategies for troubleshooting Windows XP errors Managing single sign-on security burdens in Windows A Windows security checklist for IT managers

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary drive-by download  (SearchEnterpriseDesktop.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary

favorable security risk compared to the reward, bring little or no benefit, consume resources and can be safely turned off.

Peruse the following list of best practices and consider implementing them.

You may download a printer-friendly version of this tip.

About the author: Jonathan Hassell is author of Hardening Windows (Apress LP), and is a SearchWindowsSecurity.com site expert. Hassell is a systems administrator and IT consultant residing in Raleigh, N.C., who has extensive experience in networking technologies and Internet connectivity. He runs his own Web-hosting business, Enable Hosting. His previous book RADIUS (O'Reilly & Associates), is a guide to the RADIUS authentication protocol and offers suggestions for implementing RADIUS and overall network security. Ask Hassell a hardening Windows question today.

More information from SearchWindowsSecurity.com